Step 3: Reviewing Scan Results

About this task

When the scan is complete, the results are displayed in the main window, in three areas: the Application Tree, the Result List, and the Detail Pane. The type of information presented in each area depends on the View selected (default is Security Issues View).

Procedure

To access a view, click the relevant icon in the View Selector on the left side of the screen.
The views are described below.
Data

Data View provides lists of content items found in your application. This can be a useful way of verifying that the scan is configured in a way that will cover your application, before you begin the Test stage.

  • Application Tree: Shows the URL and folder nodes.
  • Result List: Shows application data, sorted by scan results (see Data: Result list). For example, you can choose to see a list of broken links, of JavaScript, of cookies, and so on.
  • Detail Pane: Shows the request sent to a page and the response that was received.

To learn more about the Application Data view, see Data view.

Issues

Issues View provides comprehensive data on the security issues discovered by the scan.

  • Application Tree: Shows the folders, URLs, and files that AppScan discovered in your application. The number next to each node in the tree indicates how many issues were found.
  • Result List: Shows an icon per issue, indicating the severity value that is assigned to this issue (see Issues: Result list). Each issue also holds a consolidation of the URLs that are vulnerable to this issue. Under each URL is a listing of the vulnerable data.
  • Detail Pane: Displays information that helps you understand why this is an issue, what it can do if left untreated, how to fix it, the variants of the test requests that were sent, the response of your application for which AppScan marked the test as an issue, and more.

To learn more about the Issues view, see Issues view.

See Step 4: Working with results.